// Declare Internals
const internals = {};
internals.defaults = {
accessTokenName: 'access_token',
allowQueryToken: false,
allowCookieToken: false,
allowMultipleHeaders: false,
allowChaining: false,
tokenType: 'Bearer',
unauthorized: Boom.unauthorized
};
internals.schema = Joi.object().keys({
validate: Joi.func().required(),
accessTokenName: Joi.string().required(),
allowQueryToken: Joi.boolean(),
allowCookieToken: Joi.boolean(),
allowMultipleHeaders: Joi.boolean(),
allowChaining: Joi.boolean(),
tokenType: Joi.string().required(),
unauthorized: Joi.func()
});
internals.implementation = (server, options) => {
Hoek.assert(options, 'Missing bearer auth strategy options');
const settings = Hoek.applyToDefaults(internals.defaults, options);
Joi.assert(settings, internals.schema);
server.expose('oauth', OAuth);
}
};
internals.schema = Joi.object({
provider: Joi.object({
name: Joi.string().optional().default('custom'),
protocol: Joi.string().valid('oauth', 'oauth2'),
temporary: Joi.string().when('protocol', { is: 'oauth', then: Joi.required(), otherwise: Joi.forbidden() }),
signatureMethod: Joi.string().valid('HMAC-SHA1', 'RSA-SHA1').when('protocol', { is: 'oauth', then: Joi.default('HMAC-SHA1'), otherwise: Joi.forbidden() }),
auth: Joi.string().required(),
useParamsAuth: internals.flexBoolean.default(false).when('protocol', { is: 'oauth2', then: Joi.optional(), otherwise: Joi.forbidden() }),
token: Joi.string().required(),
headers: Joi.object(),
profile: Joi.func(),
profileMethod: Joi.string().valid('get', 'post').default('get'),
scope: Joi.alternatives().try(
Joi.array().items(Joi.string()),
Joi.func()
).when('protocol', { is: 'oauth2', otherwise: Joi.forbidden() }),
scopeSeparator: Joi.string().when('protocol', { is: 'oauth2', otherwise: Joi.forbidden() })
}).required(),
password: Joi.string().required(),
clientId: Joi.string().required(),
clientSecret: Joi.alternatives().when('protocol', {
is: 'oauth',
then: Joi.string().required().allow(''),
otherwise: Joi.alternatives().try(Joi.string().allow(''), Joi.object())
}).required(),
cookie: Joi.string(),
/*
Copyright 2018 Google LLC
Use of this source code is governed by an MIT-style
license that can be found in the LICENSE file or at
https://opensource.org/licenses/MIT.
*/
const joi = require('@hapi/joi');
const defaults = require('./defaults');
const regExpObject = require('./reg-exp-object');
// Define some common constraints used by all methods.
module.exports = joi.object().keys({
dontCacheBustURLsMatching: regExpObject,
globFollow: joi.boolean().default(defaults.globFollow),
globIgnores: joi.array().items(joi.string()).default(defaults.globIgnores),
globPatterns: joi.array().items(joi.string()).default(defaults.globPatterns),
globStrict: joi.boolean().default(defaults.globStrict),
manifestTransforms: joi.array().items(joi.func().arity(1)),
maximumFileSizeToCacheInBytes: joi.number().min(1)
.default(defaults.maximumFileSizeToCacheInBytes),
modifyURLPrefix: joi.object(),
// templatedURLs is an object where any property name is valid, and the values
// can be either a string or an array of strings.
templatedURLs: joi.object().pattern(/./,
[joi.string(), joi.array().items(joi.string())]),
});
request: Wreck.request.bind(Wreck),
parseCacheControl: Wreck.parseCacheControl.bind(Wreck)
},
xforward: false,
passThrough: false,
redirects: false,
timeout: 1000 * 60 * 3, // Timeout request after 3 minutes
localStatePassThrough: false, // Pass cookies defined by the server upstream
maxSockets: Infinity,
downstreamResponseTime: false
};
internals.schema = Joi.object({
httpClient: Joi.object({
request: Joi.func(),
parseCacheControl: Joi.func()
}),
host: Joi.string(),
port: Joi.number().integer(),
protocol: Joi.string().valid('http', 'https', 'http:', 'https:'),
uri: Joi.string(),
passThrough: Joi.boolean(),
localStatePassThrough: Joi.boolean(),
acceptEncoding: Joi.boolean().when('passThrough', { is: true, otherwise: Joi.forbidden() }),
rejectUnauthorized: Joi.boolean(),
xforward: Joi.boolean(),
redirects: Joi.number().min(0).integer().allow(false),
timeout: Joi.number().integer(),
mapUri: Joi.func(),
onResponse: Joi.func(),
navigateFallback: joi.string().default(defaults.navigateFallback),
navigateFallbackBlacklist: joi.array().items(regExpObject),
navigateFallbackWhitelist: joi.array().items(regExpObject),
navigationPreload: joi.boolean().default(defaults.navigationPreload),
offlineGoogleAnalytics: joi.alternatives().try(joi.boolean(), joi.object())
.default(defaults.offlineGoogleAnalytics),
runtimeCaching: joi.array().items(joi.object().keys({
method: joi.string().valid(
'DELETE',
'GET',
'HEAD',
'PATCH',
'POST',
'PUT'
),
urlPattern: [regExpObject, joi.string(), joi.func()],
handler: [
joi.func(),
joi.string().valid(
'CacheFirst',
'CacheOnly',
'NetworkFirst',
'NetworkOnly',
'StaleWhileRevalidate'),
],
options: joi.object().keys({
backgroundSync: joi.object().keys({
name: joi.string().required(),
options: joi.object(),
}),
broadcastUpdate: joi.object().keys({
const internals = {
restfulValidatedMethods: ['post', 'put', 'patch', 'delete']
};
internals.schema = Joi.object().keys({
key: Joi.string().optional(),
size: Joi.number().optional(),
autoGenerate: Joi.boolean().optional(),
addToViewContext: Joi.boolean().optional(),
cookieOptions: Joi.object().keys(null),
headerName: Joi.string().optional(),
restful: Joi.boolean().optional(),
skip: Joi.func().optional(),
enforce: Joi.boolean().optional(),
logUnauthorized: Joi.boolean().optional()
});
internals.defaults = {
key: 'crumb',
size: 43, // Equal to 256 bits
autoGenerate: true, // If false, must call request.plugins.crumb.generate() manually before usage
addToViewContext: true, // If response is a view, add crumb to context
cookieOptions: { // Cookie options (i.e. hapi server.state)
path: '/'
},
headerName: 'X-CSRF-Token', // Specify the name of the custom CSRF header
restful: false, // Set to true for custom header crumb validation. Disables payload/query validation
.keys({
url: Joi.any().forbidden(),
css: Joi.any().forbidden(),
width: Joi.any().forbidden(),
height: Joi.any().forbidden(),
timeout: Joi.number().default(DEFAULT.timeout),
forceInclude: Joi.any(),
maxEmbeddedBase64Length: Joi.number(),
})
.unknown(true),
rebase: [
Joi.object().keys({
from: Joi.string(),
to: Joi.string(),
}),
Joi.func(),
Joi.boolean(),
],
target: [
Joi.string(),
Joi.object().keys({
css: Joi.string(),
html: Joi.string(),
uncritical: Joi.string(),
}),
],
assetPaths: Joi.array().items(Joi.string()),
userAgent: Joi.string(),
})
.label('options')
.xor('html', 'src');